[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Novell eDirectory 8.8 SP5 for Windows - Buffer Overflow Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Novell eDirectory 8.8 SP5 for Windows - Buffer Overflow Vulnerability
From: karakorsankara@xxxxxxxxxxx
Date: Fri, 23 Oct 2009 19:12:12 -0600

Product: 

Novell eDirectory 8.8 SP5 for Windows

Vulnerability Type: 

Buffer Overflow

Attack Vector: 

Network Request

Where: 

From Remote or Local Network

Solution: 

Unpatched

Description:

Vulnerability is in dhost module. 
A malformed http get request (to /dhost/modules?L:) cause a buffer overflow,
Successful exploitation of the vulnerability may allow execution of arbitrary 
code.

Debugger Results of Vulnerability and PoC Exploit:

http://tcc.hellcode.net/sploitz/novelbof.txt

Original Advisory:

http://tcc.hellcode.net/advisories/hellcode-adv004.txt

Credit to:

Hellcode Research
karak0rsan , murderkey

Prev by Date: [SECURITY] [DSA 1917-1] New mimetex packages fix several vulnerabilities
Next by Date: Re: /proc filesystem allows bypassing directory permissions on Linux
Previous by thread: [SECURITY] [DSA 1917-1] New mimetex packages fix several vulnerabilities
Next by thread: RunCms v.2M1 /modules/forum/post.php - 'forum' remote semi-blind SQL Injection Exploit
Index(es):
- Date
- Thread